bug-binutils
From: wcventure at 126 dot com
Subject: [Bug ld/24333] New: An Invalid Memory Address Dereference problem was discovered in function _bfd_elf_add_default_symbol in elflink.c in bfd
Date: Thu, 14 Mar 2019 12:27:25 +0000

https://sourceware.org/bugzilla/show_bug.cgi?id=24333

            Bug ID: 24333
           Summary: An Invalid Memory Address Dereference problem was
                    discovered in function _bfd_elf_add_default_symbol in
                    elflink.c in bfd
           Product: binutils
           Version: 2.32
            Status: UNCONFIRMED
          Severity: normal
          Priority: P2
         Component: ld
          Assignee: unassigned at sourceware dot org
          Reporter: wcventure at 126 dot com
  Target Milestone: ---

Created attachment 11673
  --> https://sourceware.org/bugzilla/attachment.cgi?id=11673&action=edit
POC

Hi, there.

An Invalid Memory Address Dereference problem was discovered in function
_bfd_elf_add_default_symbol in elflink.c in bfd of binutils 2.32, the latest
code base. A crafted ELF input can cause segmentation faults, and I have
confirmed them with AddressSanitizer too.

Please use "./ld -E $POC" to reproduce the bug.

ASAN dumps the stack trace as follows:

> ASAN:DEADLYSIGNAL
> =================================================================
> ==5224==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000046 (pc 
> 0x00000082f74c bp 0x7ffd57a0b290 sp 0x7ffd57a0abe0 T0)
>     #0 0x82f74b in _bfd_elf_add_default_symbol 
> /home/hjwang/Fuzzing_Objects/binutils_2.32_ASAN/bfd/elflink.c:1944:58
>     #1 0x82f74b in elf_link_add_object_symbols 
> /home/hjwang/Fuzzing_Objects/binutils_2.32_ASAN/bfd/elflink.c:4842
>     #2 0x82165a in bfd_elf_link_add_symbols 
> /home/hjwang/Fuzzing_Objects/binutils_2.32_ASAN/bfd/elflink.c:5740:14
>     #3 0x534ff0 in load_symbols 
> /home/hjwang/Fuzzing_Objects/binutils_2.32_ASAN/ld/ldlang.c:3080:7
>     #4 0x563440 in open_input_bfds 
> /home/hjwang/Fuzzing_Objects/binutils_2.32_ASAN/ld/ldlang.c:3529:13
>     #5 0x55124f in lang_process 
> /home/hjwang/Fuzzing_Objects/binutils_2.32_ASAN/ld/ldlang.c:7383:3
>     #6 0x58fb7f in main 
> /home/hjwang/Fuzzing_Objects/binutils_2.32_ASAN/ld/./ldmain.c:440:3
>     #7 0x7f3feb64582f in __libc_start_main 
> /build/glibc-LK5gWL/glibc-2.23/csu/../csu/libc-start.c:291
>     #8 0x4195f8 in _start 
> (/home/hjwang/Fuzzing_Objects/binutils_2.32_ASAN/build/bin/ld+0x4195f8)
> 
> AddressSanitizer can not provide additional info.
> SUMMARY: AddressSanitizer: SEGV 
> /home/hjwang/Fuzzing_Objects/binutils_2.32_ASAN/bfd/elflink.c:1944:58 in 
> _bfd_elf_add_default_symbol
> ==5224==ABORTING
> Aborted
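As an added example (not part of this bug report or of binutils), a small Python triager for ASAN reports of the shape shown above: it parses the fault kind, the faulting address and the symbolised frames, flags a near-NULL address such as 0x46 as a likely NULL-pointer-plus-field-offset dereference, and builds a de-duplication key from the top in-project frames. The sample input is the trace above with the mail's line wrapping undone; the regexes also cover other AddressSanitizer report kinds (e.g. heap-buffer-overflow), which is a generalisation beyond this page.

```python
import re

# Constructed sample: the ASAN report from this bug report, with the mail's
# line wrapping of each frame undone so every frame sits on one line.
SAMPLE_REPORT = """\
==5224==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000046 (pc 0x00000082f74c bp 0x7ffd57a0b290 sp 0x7ffd57a0abe0 T0)
    #0 0x82f74b in _bfd_elf_add_default_symbol /home/hjwang/Fuzzing_Objects/binutils_2.32_ASAN/bfd/elflink.c:1944:58
    #1 0x82f74b in elf_link_add_object_symbols /home/hjwang/Fuzzing_Objects/binutils_2.32_ASAN/bfd/elflink.c:4842
    #2 0x82165a in bfd_elf_link_add_symbols /home/hjwang/Fuzzing_Objects/binutils_2.32_ASAN/bfd/elflink.c:5740:14
    #3 0x534ff0 in load_symbols /home/hjwang/Fuzzing_Objects/binutils_2.32_ASAN/ld/ldlang.c:3080:7
    #4 0x563440 in open_input_bfds /home/hjwang/Fuzzing_Objects/binutils_2.32_ASAN/ld/ldlang.c:3529:13
    #5 0x55124f in lang_process /home/hjwang/Fuzzing_Objects/binutils_2.32_ASAN/ld/ldlang.c:7383:3
    #6 0x58fb7f in main /home/hjwang/Fuzzing_Objects/binutils_2.32_ASAN/ld/./ldmain.c:440:3
    #7 0x7f3feb64582f in __libc_start_main /build/glibc-LK5gWL/glibc-2.23/csu/../csu/libc-start.c:291
    #8 0x4195f8 in _start (/home/hjwang/Fuzzing_Objects/binutils_2.32_ASAN/build/bin/ld+0x4195f8)
SUMMARY: AddressSanitizer: SEGV /home/hjwang/Fuzzing_Objects/binutils_2.32_ASAN/bfd/elflink.c:1944:58 in _bfd_elf_add_default_symbol
==5224==ABORTING
"""

# Header line of an ASAN report: "==PID==ERROR: AddressSanitizer: <kind> on [unknown] address 0x..."
ERROR_RE = re.compile(r"==\d+==ERROR: AddressSanitizer: (?P<kind>\S+) on (?:unknown )?address (?P<addr>0x[0-9a-fA-F]+)")
# Symbolised frame line: "#N 0xPC in <function> <file:line[:col] or (module+offset)>"
FRAME_RE = re.compile(r"^\s*#\d+ 0x[0-9a-fA-F]+ in (?P<func>\S+) (?P<loc>\S+)")

def parse_asan_report(text):
    """Return the fault kind, the faulting address (int) and frames as (function, location)."""
    report = {"kind": None, "address": None, "frames": []}
    for line in text.splitlines():
        m = ERROR_RE.search(line)
        if m:
            report["kind"] = m.group("kind")
            report["address"] = int(m.group("addr"), 16)
            continue
        m = FRAME_RE.match(line)
        if m:
            report["frames"].append((m.group("func"), m.group("loc")))
    return report

def is_near_null(address, limit=0x1000):
    """Heuristic: a fault inside the first page is almost always a NULL pointer plus
    a struct field offset (here 0x46), not a wild or attacker-controlled pointer."""
    return address is not None and address < limit

def crash_bucket(report, depth=3):
    """De-duplication key for a fuzzing campaign: fault kind plus the top in-project
    frames, skipping libc startup frames so the key stays stable across builds."""
    project = [f for f, _ in report["frames"] if not f.startswith("__libc") and f != "_start"]
    return (report["kind"],) + tuple(project[:depth])
```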
